chore(deps): bump the rust-dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the rust-dependencies group with 10 updates in the /src-tauri directory:

Package	From	To
tauri	2.11.0	2.11.2
tauri-plugin-opener	2.5.3	2.5.4
serde_json	1.0.149	1.0.150
chrono	0.4.44	0.4.45
cpal	0.17.3	0.18.1
tokio	1.52.1	1.52.3
toml	0.9.12+spec-1.1.0	1.1.2+spec-1.1.0
uuid	1.23.1	1.23.2
windows	0.61.3	0.62.2
tauri-plugin-single-instance	2.4.1	2.4.2

Updates tauri from 2.11.0 to 2.11.2

Release notes

Sourced from tauri's releases.

tauri-cli v2.11.2

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1090 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1088 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.55.0
    │   └── tauri-runtime-wry 2.11.2
    │       └── tauri 2.11.2
    │           ├── tauri-utils 2.9.2
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.11.2
    │           │   ├── tauri-runtime 2.11.2
    │           │   │   ├── tauri-runtime-wry 2.11.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-plugin 2.6.2
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-codegen 2.6.2
    │           │   │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri-build 2.6.2
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.11.2
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.11.2
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.9.2
    │           │   │   └── tauri-cli 2.11.2
    │           │   ├── tauri-build 2.6.2
</tr></table> 

... (truncated)

Commits

• 499df79 apply version updates (#15378)
• 20bb033 Revert "feat: add Windows VC runtime linking and bundling options (#15372)" (...
• b5b72ce fix(tauri-utils): preserve resource source file name when dest is empty (#15383)
• 3fd8ba2 fix: resources after empty directory not copied (#15388)
• 47e1b75 fix: set_as_windows_menu_for_nsapp command wrongly called `set_as_help_menu...
• eadd8f5 chore(deps-dev): bump svelte from 5.53.11 to 5.55.7 (#15382)
• 32d8166 feat: add Windows VC runtime linking and bundling options (#15372)
• b15b859 refactor: make error dialog take &'static str (#15369)
• 0e8e25f chore(deps): update dependency rollup to v4.60.3 (#15355)
• e5ae5b9 chore: fix changelog
• Additional commits viewable in compare view

Updates tauri-plugin-opener from 2.5.3 to 2.5.4

Release notes

Sourced from tauri-plugin-opener's releases.

opener-js v2.5.4

[2.5.4]

• c1fd33b3 (#3343 by @​Legend-Master) Fix revealItemInDir/reveal_items_in_dir can't reveal network paths like \\wsl.localhost\Ubuntu\etc on Windows

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/[email protected]
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 4.2kB README.md
npm notice 3.1kB dist-js/index.cjs
npm notice 2.0kB dist-js/index.d.ts
npm notice 3.1kB dist-js/index.js
npm notice 11B dist-js/init.d.ts
npm notice 730B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-opener
npm notice version: 2.5.4
npm notice filename: tauri-apps-plugin-opener-2.5.4.tgz
npm notice package size: 3.5 kB
npm notice unpacked size: 14.1 kB
npm notice shasum: b37883e4d36125b8c5a0c74f683395958a65bd7d
npm notice integrity: sha512-1HnPkb+AmgO29[...]aUJtT57lfO9CQ==
npm notice total files: 7
npm notice
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=1429011743
+ @tauri-apps/[email protected]

opener v2.5.4

[2.5.4]

• c1fd33b3 (#3343 by @​Legend-Master) Fix revealItemInDir/reveal_items_in_dir can't reveal network paths like \\wsl.localhost\Ubuntu\etc on Windows

... (truncated)

Commits

• e7a68fa publish new versions (#3068)
• b5550a3 chore: temp delete updater changefile
• 93426f8 fix: fix docsrs builds
• 4ee61e0 Revert "chore: temp delete updater changefile"
• See full diff in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

• Reject non-string enum object keys (#1324, thanks @​puneetdixit200)

Commits

• a1ae73a Release 1.0.150
• 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
• 2037b63 Reject non-string enum object keys
• 5d30df6 Resolve manual_assert_eq pedantic clippy lint
• dc8003a Raise required compiler for preserve_order feature to 1.85
• a42fa98 Unpin CI miri toolchain
• 684a60e Pin CI miri to nightly-2026-02-11
• 7c7da33 Raise required compiler to Rust 1.71
• acf4850 Simplify Number::is_f64
• 6b8ceab Resolve unnecessary_map_or clippy lint
• Additional commits viewable in compare view

Updates chrono from 0.4.44 to 0.4.45

Release notes

Sourced from chrono's releases.

0.4.45

What's Changed

• fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow by @​SAY-5 in chronotope/chrono#1787
• tz_data: fix tzdata locations on Android by @​caruschalalamove in chronotope/chrono#1789

Commits

• 1703382 Prepare 0.4.45 release
• 881f9ab tz_data: fix tzdata locations on Android
• f14ead4 fix(tz): reject TZ offset hour of 24 to avoid FixedOffset overflow
• c6063e6 Update similar-asserts requirement from 1.6.1 to 2.0.0
• 120686c Bump codecov/codecov-action from 5 to 6
• See full diff in compare view

Updates cpal from 0.17.3 to 0.18.1

Release notes

Sourced from cpal's releases.

cpal 0.18.1

A quick follow-up to 0.18.0 primarily to fix the docs.rs build failure.

• docs.rs: Excluded pipewire, whose system dependency isn't available in that sandboxed build environment.
• WASM: Fixed the audioworklet feature failing to compile on wasm32-wasip1 and other non-browser wasm32 targets.

No API or behavioral changes.

Links

• https://crates.io/crates/cpal
• https://docs.rs/cpal/0.18.1
• https://github.com/RustAudio/cpal/releases/tag/v0.18.1
• https://github.com/RustAudio/cpal/blob/v0.18.1/CHANGELOG.md

cpal 0.18.0

Hey everyone! cpal 0.18.0 is out, bringing two long-requested native Linux backends, a unified error API, and accurate timestamps across every platform.

What's New

Native PipeWire and PulseAudio

Two new first-class backends join the Linux and BSD lineup:

• PipeWire
• PulseAudio

Enable them with the pipewire and pulseaudio Cargo features. When multiple backends are compiled in, cpal selects the best available one at runtime: PipeWire > PulseAudio > ALSA.

Unified Error API

All per-operation error enums (DevicesError, BuildStreamError, StreamError, etc.) are replaced by a single cpal::Error with a kind() getter:

match device.default_output_config() {
    Err(e) => match e.kind() {
        cpal::ErrorKind::DeviceNotAvailable => { /* ... */ }
        cpal::ErrorKind::DeviceBusy => { /* retry */ }
        _ => { /* ... */ }
    }
}

Two new error kinds make previously indistinguishable cases actionable: DeviceBusy (EBUSY/EAGAIN is retryable) and PermissionDenied for OS-level access denials. See the upgrading guide for the mapping table.

Accurate Timestamps and A/V Sync

Timestamps previously reflected when the callback fired rather than when audio would actually reach hardware. This release corrects that across every backend:

• AAudio: pipeline buffer depth accounted for; fallback to zero on error fixed

... (truncated)

Changelog

Sourced from cpal's changelog.

[0.18.1] - 2026-06-07

Fixed

• Exclude pipewire from the docs.rs build; system dependency not available in its environment.
• Fix wasm-bindgen causing compile errors on non-browser wasm32 targets such as wasm32-wasip1.

[0.18.0] - 2026-06-06

Added

• New ErrorKind variants for the unified error type: BackendError (platform error without a specific mapping); DeviceBusy (retryable device access, e.g. EBUSY/EAGAIN); DeviceChanged (audio route changed to another device); InvalidInput (invalid caller-supplied values); PermissionDenied (OS-level access denial); RealtimeDenied (real-time scheduling refused — previously only printed to stderr); ResourceExhausted (OS thread/memory limits); UnsupportedOperation (backend or device does not implement the operation).
• Device now implements PartialEq, Eq, Hash, Display, and Debug on all backends.
• realtime feature for real-time audio thread scheduling without a D-Bus build dependency.
• StreamTrait::now() to query the current instant on the stream's clock.
• StreamTrait::buffer_size() to query the stream's current buffer size in frames per callback.
• SAMPLE_RATE_CD (44100 Hz) and SAMPLE_RATE_48K (48000 Hz) constants.
• SupportedStreamConfigRange::try_with_standard_sample_rate() and with_standard_sample_rate() to select 48 kHz or 44.1 kHz from a range.
• SupportedStreamConfigRange::contains_rate() to test whether a sample rate falls within a range.
• StreamConfig and SupportedStreamConfig now implement Copy.
• BufferSize now implements Default (returns BufferSize::Default).
• SupportedBufferSize now implements Default (returns SupportedBufferSize::Unknown).
• HostTrait::device_by_id() is now backend-dispatched, allowing each host to override the default implementation.
• DSD512 sample rates added to the common rate probe list.
• AAudio: Streams now request PERFORMANCE_MODE_LOW_LATENCY with the realtime feature; reports ErrorKind::RealtimeDenied if not granted.
• ALSA: device_by_id() now accepts PCM shorthand names such as hw:0,0 and plughw:foo.
• CoreAudio: tvOS target support (Tier 3, requires nightly).
• PipeWire: New host for Linux and BSD via the native PipeWire API.
• PulseAudio: New host for Linux and BSD via the PulseAudio API.
• WASAPI: F64 sample format support.

Changed

• Changed per-operation error types (DevicesError, SupportedStreamConfigsError, etc.) and HostUnavailable into a unified Error/ErrorKind. See https://github.com/RustAudio/cpal/blob/master/UPGRADING.md.
• DeviceTrait now requires PartialEq + Eq + Hash + Debug + Display with a stable device ID.
• DeviceTrait::build_*_stream() now takes StreamConfig by value instead of &StreamConfig.
• StreamInstant API changed and extended to mirror std::time::Instant/Duration. See https://github.com/RustAudio/cpal/blob/master/UPGRADING.md for migration details.
• Streams no longer start automatically on build_*_stream(); call play() explicitly. Previously ALSA, CoreAudio, and JACK auto-started streams on creation.
• Default output and input configs now prefer 48 kHz, then 44.1 kHz, then the device maximum.

... (truncated)

Commits

• 94ecb6e fix(ci): docs.rs has libjack-jackd2-dev
• 50d9646 ci: check with all features (#1240)
• 51f96e9 chore: prepare for v0.18.1 release
• 189db47 fix: exclude pipewire from docs.rs (#1239)
• 45fe976 fix(wasm): all features without atomics
• baa3678 doc: finalize changelog and upgrading guide for v0.18 release (#1238)
• 27473ac fix(pipewire): use node.latency and re-promote RT when re-negotiated (#1236)
• 0048977 perf(alsa): optimize enumeration speed (#1233)
• 7d4aedb chore(jack): pin to >= 0.13.5 (#1231)
• d2a2688 fix(pulseaudio): use device names as id (#1228)
• Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

• sync: fix underflow in mpsc channel len() (#8062)
• sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• sync: require that an RwLock has max_readers != 0 (#8076)
• sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

• d875691 chore: prepare Tokio v1.52.3 (#8130)
• e1aebb0 Merge 'tokio-1.51.3' into 'tokio-1.52.x' (#8129)
• fd63094 chore: prepare Tokio v1.51.3 (#8127)
• 8c600d0 Merge 'tokio-1.47.5' into 'tokio-1.51.x' (#8123)
• 11bfc13 chore: prepare Tokio v1.47.5 (#8122)
• f085b62 sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
• 30d25cc sync: require that an RwLock has max_readers != 0 (#8076)
• 9fccf53 sync: return Empty from try_recv() when mpsc is closed with outstanding p...
• ebf61b4 sync: fix underflow in mpsc channel len() (#8062)
• 4abe9d7 chore: prepare Tokio v1.52.2 (#8115)
• Additional commits viewable in compare view

Updates toml from 0.9.12+spec-1.1.0 to 1.1.2+spec-1.1.0

Commits

• a3d0047 chore: Release
• cc37615 docs: Update changelog
• 7f5e9e1 fix(parser): Consolidate invalid unquoted key into one error (#1138)
• 52feb90 fix(parser): Consolidate invalid unquoted key into one error
• aad85d4 chore(deps): Update j178/prek-action action to v2 (#1136)
• 8b1ac44 chore(deps): Update compatible (dev) (#1135)
• 9effd79 chore(deps): Update j178/prek-action action to v2
• 9db8aad chore: Release
• e55a663 docs: Update changelog
• c11d7d7 Optimisations (#1133)
• Additional commits viewable in compare view

Updates uuid from 1.23.1 to 1.23.2

Release notes

Sourced from uuid's releases.

v1.23.2

What's Changed

• Improve error messages for ambiguous formats by @​KodrAus in uuid-rs/uuid#882
• Prepare for 1.23.2 release by @​KodrAus in uuid-rs/uuid#883

Full Changelog: uuid-rs/uuid@v1.23.1...v1.23.2

Commits

• d119657 Merge pull request #883 from uuid-rs/cargo/v1.23.2
• 0651cfc prepare for 1.23.2 release
• e8dea0c Merge pull request #882 from uuid-rs/fix/error-msgs
• bdc429a fix up serde messages
• d4342e4 make indexes 0 based and fix up more error messages
• 4ad479f work on more accurate parser errors
• See full diff in compare view

Updates windows from 0.61.3 to 0.62.2

Commits

• See full diff in compare view

Updates tauri-plugin-single-instance from 2.4.1 to 2.4.2

Release notes

Sourced from tauri-plugin-single-instance's releases.

store-js v2.4.2

[2.4.2]

• eebfd2ed (#3157 by @​Legend-Master) Return an error instead of panic when the internally tracked resource id is invalid on creating new stores

npm warn Unknown user config "always-auth". This will stop working in the next major version of npm.
npm warn publish npm auto-corrected some errors in your package.json when publishing.  Please run "npm pkg fix" to address these errors.
npm warn publish errors corrected:
npm warn publish "repository" was changed from a string to an object
npm warn publish "repository.url" was normalized to "git+https://github.com/tauri-apps/plugins-workspace.git"
npm notice
npm notice 📦  @tauri-apps/[email protected]
npm notice Tarball Contents
npm notice 888B LICENSE.spdx
npm notice 4.4kB README.md
npm notice 6.6kB dist-js/index.cjs
npm notice 8.5kB dist-js/index.d.ts
npm notice 6.4kB dist-js/index.js
npm notice 711B package.json
npm notice Tarball Details
npm notice name: @tauri-apps/plugin-store
npm notice version: 2.4.2
npm notice filename: tauri-apps-plugin-store-2.4.2.tgz
npm notice package size: 5.5 kB
npm notice unpacked size: 27.5 kB
npm notice shasum: 70a0bc9ef62b45e2b1bff2ecb0afed2a42b22519
npm notice integrity: sha512-0ClHS50Oq9HEv[...]9DWhHjpigQE7A==
npm notice total files: 6
npm notice
npm notice Security Notice: Classic tokens have been revoked. Granular tokens are now limited to 90 days and require 2FA by default. Update your CI/CD workflows to avoid disruption. Learn more https://gh.io/all-npm-classic-tokens-revoked
npm notice Publishing to https://registry.npmjs.org/ with tag latest and public access
npm notice publish Signed provenance statement with source and build information from GitHub Actions
npm notice publish Provenance statement published to transparency log: https://search.sigstore.dev/?logIndex=804730710
+ @tauri-apps/[email protected]

store v2.4.2

[2.4.2]

• eebfd2ed (#3157 by @​Legend-Master) Return an error instead of panic when the internally tracked resource id is invalid on creating new stores

... (truncated)

Commits

• 2371804 publish new versions (#2888)
• 90f9b93 chore: fix cli version in deep-link package.json
• 1c58f33 chore(deps): update dependency rollup to v4.46.4 (v2) (#2935)
• 75617a6 fix(mobile): deeplinks (#2870)
• 5a963a0 chore(deps): update dependency @​tauri-apps/cli to v2.8.1 (#2930)
• 76f4e7b chore(deps): update eslint monorepo to v9.33.0 (#2903)
• 670ac1d chore(deps): update dependency typescript-eslint to v8.40.0 (#2923)
• ed0deef chore(deps): update dependency @​tauri-apps/api to v2.8.0 (#2929)
• 50cebdb chore(deps): update to tauri 2.8.0 (#2925)
• dd2ea9c chore(deps): update dependency rollup to v4.46.3 (#2920)
• Additional commits viewable in compare view

Updates tauri-build from 2.6.0 to 2.6.2

Release notes

Sourced from tauri-build's releases.

tauri-build v2.6.2

Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 1090 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (1088 crate dependencies)
Crate:     atk
Version:   0.18.2
Warning:   unmaintained
Title:     gtk-rs GTK3 bindings - no longer maintained
Date:      2024-03-04
ID:        RUSTSEC-2024-0413
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0413
Dependency tree:
atk 0.18.2
└── gtk 0.18.2
    ├── wry 0.55.0
    │   └── tauri-runtime-wry 2.11.2
    │       └── tauri 2.11.2
    │           ├── tauri-utils 2.9.2
    │           │   ├── tauri-schema-generator 0.0.0
    │           │   ├── tauri-runtime-wry 2.11.2
    │           │   ├── tauri-runtime 2.11.2
    │           │   │   ├── tauri-runtime-wry 2.11.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-plugin 2.6.2
    │           │   │   ├── tauri-plugin-sample 0.1.0
    │           │   │   │   └── api 0.1.0
    │           │   │   └── tauri-plugin-log 2.6.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri 2.11.2
    │           │   ├── tauri-codegen 2.6.2
    │           │   │   ├── tauri-macros 2.6.2
    │           │   │   └── tauri-build 2.6.2
    │           │   │       ├── tauri-file-associations-demo 0.1.0
    │           │   │       ├── tauri 2.11.2
    │           │   │       ├── resources 0.1.0
    │           │   │       ├── bench_helloworld 0.1.0
    │           │   │       ├── bench_files_transfer 0.1.0
    │           │   │       ├── bench_cpu_intensive 0.1.0
    │           │   │       └── api 0.1.0
    │           │   ├── tauri-cli 2.11.2
    │           │   │   └── tauri-cli-node 0.0.0
    │           │   ├── tauri-bundler 2.9.2
    │           │   │   └── tauri-cli 2.11.2
    │           │   ├── tauri-build 2.6.2
</tr></table> 

... (truncated)

Commits

• 499df79 apply version updates (#15378)
• 20bb033 Revert "feat: add Windows VC runtime linking and bundling options (#15372)" (...
• b5b72ce fix(tauri-utils): preserve resource source file name when dest is empty (#15383)
• 3fd8ba2 fix: resources after empty directory not copied (#15388)
• 47e1b75 fix: set_as_windows_menu_for_nsapp command wrongly called `set_as_help_menu...
• eadd8f5 chore(deps-dev): bump svelte from 5.53.11 to 5.55.7 (#15382)
• 32d8166 feat: add Windows VC runtime linking and bundling options (#15372)
• b15b859 refactor: make error dialog take &'static str (#15369)
• 0e8e25f chore(deps): update dependency rollup to v4.60.3 (#15355)
• e5ae5b9 chore: fix changelog
• Additional commits viewable in compare view

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.